Blog - Sonicwall Cyberthreat Report 2022

SonicWall Cyber Threat Report 2022

In 2021, as businesses grappled with the ongoing COVID-19 pandemic and the shift to remote work, cybercriminals continued to build on what they had learned in 2020, producing ever more adaptable and formidable threats. The SonicWall Cyber Threat Report 2022 documents the trends in cybercrime during 2021. Its findings will help your organisation create appropriate strategies to defend itself in 2022.

Click here to download the SonicWall Cyber Threat Report 2022

2021 in Review

Whilst cybercriminals followed the moves of an ever-changing world, our partners at SonicWall followed the movement of cybercriminals, recording where they attacked, who they targeted and what sorts of new techniques they developed. By compiling these findings into the 2022 SonicWall Cyber Threat Report, we’re offering businesses the actionable threat intelligence they need to combat the rising tide of cybercrime. The 2022 SonicWall Cyber Threat Report shines a spotlight on the growing plague of ransomware and other attempts at digital extortion. 

Cyber Threat Report 2022 – Key Findings

Sonicwall key findings 2022Ransomware 

In 2021, SonicWall researchers recorded 623.2 million ransomware attempts globally, an increase of 105% year over year. This increase was fueled by large volumes of Ryuk, SamSam and Cerber attacks, which together made up 62% of the total ransomware volume. While the growth in ransomware was unusually aggressive, so were many of the techniques ransomware gangs used to separate legitimate organisations from their money. Double extortion continued to grow in 2021, and terrifying new triple extortion techniques began taking hold as well. Supply-chain attacks and attacks on vital infrastructure also increased, putting pressure on lawmaking bodies around the world to unify against ransomware’s growing threats. 


As attacks of nearly every type have grown over the past couple of years, we’ve been able to count on one silver lining: “Well, at least malware volume is down.” A look at the data for 2021, however, shows signs that this sustained fall may soon be coming to an end. While malware was still down 4% year-over-year, this is the smallest percentage drop we’ve seen in some time, with a rebound in the second half almost completely erasing the 22% drop recorded for the first half. Moreover, malware didn’t fall everywhere: the UK saw an increase of 48%. 


Exploits From Dec. 11, 2021, through Jan. 31, 2022, SonicWall researchers logged 142.2 million Log4j exploit attempts — an average of 2.7 million attempts each day. The data shows threat actors pivoting to attack these vulnerabilities at an alarming rate, with large numbers of attempts continuing to this day. (As a reminder, SonicWall has released a number of signatures to help protect customers against Log4j exploit attempts — if you haven’t yet patched your business internal systems against these vulnerabilities, we strongly urge you to do so). 

Capture ATP and RTDMI 

In 2021, SonicWall Capture Advanced Threat Protection (ATP) with Real-Time Deep Memory Inspection (RTDMI)™ became the only solution in ICSA Labs Advanced Threat Defense (ATD) certification history to earn four straight perfect scores, all without a single false positive. SonicWall’s data on the evolution of Capture ATP and RTDMI shed some light on how they accomplished this feat. In 2021, RTDMI identified 442,151 never-before-seen malware variants, an increase of 65% year over year and an average of 1,221 per day.


Given 2021’s record-high cryptocurrency prices, not even mining crackdowns and increased federal scrutiny were enough to keep cryptojacking down. SonicWall researchers recorded a 19% year-over-year increase in cryptojacking, amounting to an average of 338 attempts per customer network.

Read All The Facts

Download the full report here.

Request A CyberSecurity Review

If you would like a free 15-minute consultation to discuss how we can help you protect your business with boundless cybersecurity, call us on 0800 032 8274 or book a discovery call here.

About Marlin

Marlin is an award-winning, leading provider of Unified Communications & collaboration solutions including voice, data, mobile, video, network security and contact centre technology for businesses of 50 – 5,000 staff.

We have clients across the south of England and in Europe and our own, on-premises, 1,000 ft² Technology Suite at our Bath office, where we host regular events and showcase technology solutions for our clients. Contact us for your free comms audit or product demo.

Get the latest tech news & reviews – straight to your inbox

Sign up to receive exclusive business communications, tech content, new tech launches, tips, articles and more.